Trusted infrastructure support systems, methods and techniques for secure electronic commerce, electronic transactions, commerce process control and automation, distributed computing, and rights management
Abstract
An integrated, modular array of administrative and support services is provided for electronic commerce and electronic rights and transaction management. These administrative and support services supply a secure foundation for conducting transaction-related capabilities functioning over electronic networks, and can also be adapted to the specific needs of electronic commerce value chains. In one embodiment, a Distributed Commerce Utility having a secure, programmable, distributed architecture provides administrative and support services. The Distributed Commerce Utility may comprise a number of Commerce Utility Systems. These Commerce Utility Systems provide a web of infrastructure support available to, and reusable by, the entire electronic community and/or many of its participants. Different support functions can be collected together in hierarchical and/or networked relationships to suit various business models or other objectives. Modular support functions can be combined in different arrays to form different Commerce Utility Systems for different design implementations and purposes.
96 Claims
1-20. (canceled)
21. A system comprising:
a telecommunications switch including a security checkpoint system, the security checkpoint system being operable to verify that information received at the telecommunications switch in a secure electronic container was routed through one or more required or authorized security checkpoint systems prior to receipt, and that the secure electronic container was sent in accordance with controls restricting the transmission of the information in the secure electronic container; and
a secure end user node, the end user node being located at a site on a telecommunications network that is remote from the telecommunications switch, the end user node being operable to receive the secure electronic container from the security checkpoint system over the telecommunications network, and to securely enable an end user to use the information in the secure electronic container in accordance with controls included in the secure electronic container;
wherein the security checkpoint system and the end user node are independent from a security perspective, such that a breach of security related to the end user node will not compromise the security of the security checkpoint system.
Dependent claims: 22, 23, 24, 25, 26, 27, 28, 29
30. A method comprising:
receiving, over a telecommunications network, a secure electronic container at a security checkpoint system;
verifying that the secure electronic container was routed through one or more required or authorized security checkpoint systems prior to receipt at the security checkpoint system, and that the secure electronic container was sent in accordance with one or more controls associated with the secure electronic container and restricting the transmission of information in the secure electronic container;
sending the secure electronic container over the telecommunications network to a secure end user node located remotely from the security checkpoint system, wherein the sending is performed in accordance with the one or more controls; and
accessing, at the end user node, the information in the secure electronic container in accordance with the one or more controls.
Dependent claims: 31, 32, 33, 34, 35, 36, 37, 38, 39
40. A system comprising:
a first telecommunications switch;
a second telecommunications switch located remotely from the first telecommunications switch, the second telecommunications switch including a security checkpoint system, the security checkpoint system being operable to:
determine whether information received at the second telecommunications switch was routed through the first telecommunications switch; and
refuse to transfer the information upon determining that the information was not routed through the first telecommunications switch;
an end user node; and
a telecommunications network over which the first telecommunications switch, the second telecommunications switch, and the end user node are communicably coupled.
Dependent claims: 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53
54. A telecommunications switch, the telecommunications switch comprising:
a security checkpoint system protected processing environment, the security checkpoint system protected processing environment being operable to:
verify that a piece of electronic information received at the security checkpoint system protected processing environment was routed through a telecommunications network in accordance with controls associated with the piece of electronic information; and
associate a digital certificate with the piece of electronic information upon determining that the piece of electronic information was routed through the telecommunications network in accordance with the controls.
Dependent claims: 55, 56, 57, 58
59. A method comprising:
sending an electronic container from a first user's electronic appliance over a telecommunications network comprising one or more telecommunications switches, the electronic container including protected information and control information for governing use of the protected information;
receiving the electronic container at a first telecommunications switch;
associating a first digital certificate with the electronic container at the first telecommunications switch;
receiving the electronic container at a second telecommunications switch;
verifying the first digital certificate and associating a second digital certificate with the electronic container;
receiving the electronic container at the second user's electronic appliance;
verifying the second digital certificate; and
accessing the protected information in accordance with the control information.
Dependent claims: 60, 61, 62, 63, 64
65. A method comprising:
receiving, over a telecommunications network, an electronic container at a telecommunications switch, the electronic container including protected information and having associated control information for governing the protected information, the control information including one or more requirements regarding how the electronic container may be routed;
determining if the electronic container was routed in accordance with the control information; and
upon determining that the electronic container was routed in accordance with the control information, forwarding the electronic container to an end user node over the telecommunications network.
Dependent claims: 66, 67, 68, 69, 70
71. A method comprising:
receiving, over a telecommunications network, an electronic container at a telecommunications switch, the electronic container including protected information and control information for governing the protected information, the control information including one or more auditing requirements;
recording auditing information at the telecommunications switch in accordance with the control information; and
forwarding the electronic container from the telecommunications switch to an end user node over the telecommunications network.
Dependent claims: 72, 73, 74, 75
76. A method comprising:
receiving, over a telecommunications network, an electronic container at a telecommunications switch, the electronic container including protected information and control information for governing the protected information, the control information including one or more security-related requirements;
determining, at the telecommunications switch, that the one or more security-related requirements have been satisfied; and
upon determining that the one or more security-related requirements have been satisfied, forwarding the electronic container from the telecommunications switch to an end user node over the telecommunications network.
Dependent claims: 77, 78, 79, 80, 81, 82
83. A method comprising:
receiving, over a telecommunications network, an electronic container at an end user site, the electronic container including protected information and having associated one or more controls for governing the protected information;
determining if the electronic container has an associated certificate, the certificate having been issued by a telecommunications switch on the telecommunications network prior to receipt of the electronic container at the end user site; and
providing an end user with access to the protected information in accordance with the one or more controls;
wherein the end user site includes software and/or hardware for impeding tampering by the end user with performance of at least said step of providing access to the protected information in accordance with the one or more controls.
Dependent claims: 84, 85
86. A method comprising:
receiving a data item at a telecommunications switch located on a telecommunications network, the data item having control information associated therewith, the control information specifying routing requirements for the data item;
at the telecommunications switch, determining if the data item has been routed in accordance with the control information;
sending the data item to a remote site on the telecommunications network upon determining that the data item has been routed in accordance with the control information; and
recording information related to the data item.
Dependent claims: 87, 88, 89
90. A method comprising:
receiving an electronic purchase order at a security checkpoint system located on a telecommunications network, the electronic purchase order having been sent by a first site on the telecommunications network to a remote site;
determining if the electronic purchase order complies with requirements relating to the financial amount committed;
determining if the electronic purchase order includes an indication of proper ordering authority; and
sending the electronic purchase order over the telecommunications network to the remote site upon determining that the electronic purchase order complies with the requirements relating to financial amount committed and includes a valid indication of proper ordering authority.
Dependent claims: 91
92. A method comprising:
receiving an electronic container at a security checkpoint system located on a telecommunications network, the electronic container including protected information and having been sent from a first user site;
at the security checkpoint system, determining if transmission of the electronic container complies with one or more limits relating to the transmission of electronic containers from the user site; and
sending the electronic container to a second user site upon determining that transmission of the electronic container to the second user site complies with the one or more limits.
Dependent claims: 93, 94, 95, 96
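The hop-by-hop certificate flow of claim 59, combined with the refusal behaviour of claim 40, sketched as an added example that is not code from the patent. Each switch's "digital certificate" is modelled as an HMAC-SHA256 tag under a constructed per-switch key, standing in for a public-key signature, and all names (`make_container`, `stamp`, `second_switch`, `end_node_open`) are hypothetical.

```python
import hashlib
import hmac
import json

# Constructed demo keys. Assumption: an HMAC tag stands in for each switch's
# digital certificate; a real deployment would use public-key signatures.
KEYS = {"switch-1": b"demo-key-1", "switch-2": b"demo-key-2"}

def make_container(payload, controls):
    # "payload" stands for the protected information, "controls" for its rules.
    return {"payload": payload, "controls": controls, "stamps": []}

def _covered(container, upto):
    # Canonical bytes: payload, controls and every stamp before position `upto`.
    body = {"payload": container["payload"], "controls": container["controls"],
            "stamps": container["stamps"][:upto]}
    return json.dumps(body, sort_keys=True).encode()

def _tag(switch, container, upto):
    return hmac.new(KEYS[switch], _covered(container, upto), hashlib.sha256).hexdigest()

def stamp(container, switch):
    # The switch associates its certificate with the container as received.
    tag = _tag(switch, container, len(container["stamps"]))
    container["stamps"].append({"switch": switch, "tag": tag})

def verify_stamp(container, index, switch):
    # True only if stamp `index` was issued by `switch` over the earlier content.
    if index >= len(container["stamps"]):
        return False
    entry = container["stamps"][index]
    return entry["switch"] == switch and hmac.compare_digest(
        entry["tag"], _tag(switch, container, index))

def second_switch(container):
    # Refuse to forward anything that did not pass through switch-1.
    if not verify_stamp(container, 0, "switch-1"):
        raise PermissionError("not routed through switch-1")
    stamp(container, "switch-2")
    return container

def end_node_open(container):
    # The appliance checks the second certificate before releasing the payload.
    if not verify_stamp(container, 1, "switch-2"):
        raise PermissionError("missing or invalid switch-2 certificate")
    return container["payload"]
```

Because the second tag covers the first stamp as well as the payload and controls, the end node detects tampering anywhere earlier in the chain by checking only the last certificate.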
Specification